diff --git a/debian/patches/bugfix/all/binder-fix-race-between-munmap-and-direct-reclaim.patch b/debian/patches/bugfix/all/binder-fix-race-between-munmap-and-direct-reclaim.patch index 1143ac8c3..870262324 100644 --- a/debian/patches/bugfix/all/binder-fix-race-between-munmap-and-direct-reclaim.patch +++ b/debian/patches/bugfix/all/binder-fix-race-between-munmap-and-direct-reclaim.patch @@ -1,8 +1,7 @@ -From 37b68ba30a93ee10b2e0531affdab9665dbe7b80 Mon Sep 17 00:00:00 2001 From: Todd Kjos Date: Fri, 1 Mar 2019 15:06:06 -0800 -Subject: [PATCH] binder: fix race between munmap() and direct reclaim -Origin: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/patch/?id=5cec2d2e5839f9c0fec319c523a911e0a7fd299f +Subject: binder: fix race between munmap() and direct reclaim +Origin: https://git.kernel.org/linus/5cec2d2e5839f9c0fec319c523a911e0a7fd299f Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2019-1999 An munmap() on a binder device causes binder_vma_close() to be called diff --git a/debian/patches/bugfix/all/nfc-Ensure-presence-of-required-attributes-in-the-deactivate_target.patch b/debian/patches/bugfix/all/nfc-Ensure-presence-of-required-attributes-in-the-deactivate_target.patch index 96d569ace..f53666cdc 100644 --- a/debian/patches/bugfix/all/nfc-Ensure-presence-of-required-attributes-in-the-deactivate_target.patch +++ b/debian/patches/bugfix/all/nfc-Ensure-presence-of-required-attributes-in-the-deactivate_target.patch @@ -1,9 +1,8 @@ -From 385097a3675749cbc9e97c085c0e5dfe4269ca51 Mon Sep 17 00:00:00 2001 From: Young Xiao <92siuyang@gmail.com> Date: Fri, 14 Jun 2019 15:13:02 +0800 Subject: nfc: Ensure presence of required attributes in the deactivate_target handler -Origin: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=385097a3675749cbc9e97c085c0e5dfe4269ca51 +Origin: https://git.kernel.org/linus/385097a3675749cbc9e97c085c0e5dfe4269ca51 Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2019-12984 Check that the NFC_ATTR_TARGET_INDEX attributes (in addition to diff --git a/debian/patches/bugfix/powerpc/powerpc-mm-64s-hash-Reallocate-context-ids-on-fork.patch b/debian/patches/bugfix/powerpc/powerpc-mm-64s-hash-Reallocate-context-ids-on-fork.patch index 1126878a9..e5dee4adb 100644 --- a/debian/patches/bugfix/powerpc/powerpc-mm-64s-hash-Reallocate-context-ids-on-fork.patch +++ b/debian/patches/bugfix/powerpc/powerpc-mm-64s-hash-Reallocate-context-ids-on-fork.patch @@ -1,8 +1,7 @@ -From e6b3afda1f296e826c07e10db055240a58047956 Mon Sep 17 00:00:00 2001 From: Michael Ellerman Date: Wed, 12 Jun 2019 23:35:07 +1000 Subject: powerpc/mm/64s/hash: Reallocate context ids on fork -Origin: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ca72d88378b2f2444d3ec145dd442d449d3fefbc +Origin: https://git.kernel.org/linus/ca72d88378b2f2444d3ec145dd442d449d3fefbc Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2019-12817 When using the Hash Page Table (HPT) MMU, userspace memory mappings diff --git a/debian/patches/bugfix/x86/x86-insn-eval-Fix-use-after-free-access-to-LDT-entry.patch b/debian/patches/bugfix/x86/x86-insn-eval-Fix-use-after-free-access-to-LDT-entry.patch index 3498171c6..b9a6bf111 100644 --- a/debian/patches/bugfix/x86/x86-insn-eval-Fix-use-after-free-access-to-LDT-entry.patch +++ b/debian/patches/bugfix/x86/x86-insn-eval-Fix-use-after-free-access-to-LDT-entry.patch @@ -1,8 +1,7 @@ -From de9f869616dd95e95c00bdd6b0fcd3421e8a4323 Mon Sep 17 00:00:00 2001 From: Jann Horn Date: Sun, 2 Jun 2019 03:15:58 +0200 Subject: x86/insn-eval: Fix use-after-free access to LDT entry -Origin: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=de9f869616dd95e95c00bdd6b0fcd3421e8a4323 +Origin: https://git.kernel.org/linus/de9f869616dd95e95c00bdd6b0fcd3421e8a4323 Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2019-13233 get_desc() computes a pointer into the LDT while holding a lock that